package com.du.cloud.oauth.api.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

/**
 * Desc:
 * Author: dushuang
 * Date 2019/12/30 17:02
 */
@RestController
@RequestMapping(value = "api")
public class ApiController {
    @GetMapping("hello")
    @PreAuthorize("hasAnyAuthority('user-add')")
    public String hello(){
        return "hello";
    }

    @GetMapping("current")
    public Principal user(Principal principal) {
        return principal;
    }

    @GetMapping("query")
    @PreAuthorize("hasAnyAuthority('user-edit')")
    public String query() {
        return "具有user-edit权限";
    }
}
